TU Darmstadt / ULB / TUbiblio

Group-Based Attestation: Enhancing Privacy and Management in Remote Attestation

Alsouri, Sami ; Dagdelen, Özgür ; Katzenbeisser, Stefan
eds.: Acquisti, A. ; Sadeghi, Ahmad-Reza (2010)
Group-Based Attestation: Enhancing Privacy and Management in Remote Attestation.
Conference or Workshop Item, Bibliographie

Abstract

One of the central aims of Trusted Computing is to provide the ability to attest that a remote platform is in a certain trustworthy state. While in principle this functionality can be achieved by the remote attestation process as standardized by the Trusted Computing Group, privacy and scalability problems make it difficult to realize in practice: In particular, the use of the SHA-1 hash to measure system components requires maintenance of a large set of hashes of presumably trustworthy software; furthermore, during attestation, the full configuration of the platform is revealed. In this paper we show how chameleon hashes allow to mitigate of these two problems. By using a prototypical implementation we furthermore show that the approach is feasible in practice.

Item Type: Conference or Workshop Item
Erschienen: 2010
Editors: Acquisti, A. ; Sadeghi, Ahmad-Reza
Creators: Alsouri, Sami ; Dagdelen, Özgür ; Katzenbeisser, Stefan
Type of entry: Bibliographie
Title: Group-Based Attestation: Enhancing Privacy and Management in Remote Attestation
Language: German
Date: June 2010
Journal or Publication Title: TRUST 2010
Book Title: 3rd International Conference on Trust and Trustworthy Computing (TRUST 2010)
Corresponding Links:
Abstract:

One of the central aims of Trusted Computing is to provide the ability to attest that a remote platform is in a certain trustworthy state. While in principle this functionality can be achieved by the remote attestation process as standardized by the Trusted Computing Group, privacy and scalability problems make it difficult to realize in practice: In particular, the use of the SHA-1 hash to measure system components requires maintenance of a large set of hashes of presumably trustworthy software; furthermore, during attestation, the full configuration of the platform is revealed. In this paper we show how chameleon hashes allow to mitigate of these two problems. By using a prototypical implementation we furthermore show that the approach is feasible in practice.

Uncontrolled Keywords: Secure Services
Identification Number: TUD-CS-2010-0134
Divisions: LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Date Deposited: 30 Dec 2016 20:23
Last Modified: 03 Jun 2018 21:31
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details